Forum Discussion
LTM attempting reverse lookups on pool members
Here's the situation I am encountering. I have a virtual server set up to listen on all ports, with a UDP profile applied to it. There's nothing special about the UDP profile except that we're doing UDP datagram load balancing. The pool assigned to the virtual server contains two members, with an external keepalive that logs into each host and runs a script to determine health status. Everything is working as intended.
I am seeing repeated reverse lookup attempts from LTM for these two pool members. Sample log messages:
19:30:20.411395 IP LTM.27488 > DNS-SERVER.53: 34032+ PTR? 245.237.22.172.in-addr.arpa. (45)
19:30:20.412532 IP DNS-SERVER.53 > LTM.27488: 34032 NXDomain 0/1/0 (122)
The queries are sent from LTM four times every second or so. I've tried looking through all of the settings to turn off this reverse DNS check but have been unsuccessful. The queries aren't being sent from LTM for any other pool member(s) other than these two, and there are lots of pools configured.
Anyone have a solution to this problem?
- Cory
7 Replies
- What_Lies_Bene1
Cirrostratus
I know it's obvious but could your external script be the cause?
- Cory_50405
Noctilucent
Here's my external monitor. Nothing in here about DNS lookups:
```sh
#!/bin/sh
# remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
IP=$(echo ${1} | sed 's/::ffff://')
PORT=${2}
# set the pid file location and name
PIDFILE="/var/run/$(basename ${0}).${IP}.${PORT}.pid"
# kill off the last instance of this monitor if hung and log current pid
if [ -f $PIDFILE ]
then
    echo "EAV exceeded runtime needed to kill ${IP}:${PORT}" | logger -p local0.error
    kill -9 $(cat $PIDFILE) > /dev/null 2>&1
fi
echo "$$" > $PIDFILE
# send request & check for expected response
ssh splunkf5@${IP} -i /config/ssh/ssh_host_dsa_key "/home/splunkf5/healthcheck.sh" > /dev/null 2>&1
# mark node UP if expected response was received
if [ $? -eq 0 ]
then
    echo "UP"
fi
rm -f $PIDFILE
exit
```
- What_Lies_Bene1
Cirrostratus
Looks that way. I don't suppose the key file or .sh file have hostnames within rather than IPs?
- Cory_50405
Noctilucent
I can't speak to the .sh file running on the remote hosts. From the LTM's perspective, we're just taking the output and determining an up/down status. Nothing that the remote hosts are doing in that script should matter to LTM, only that we're getting a response from the host to evaluate for an up/down decision. The key file that we're presenting to the remote hosts for SSH key authentication is just the LTM's host key. Nothing about the remote hosts is specified in the key.
- What_Lies_Bene1
Cirrostratus
OK, thanks.
- Kevin_Stewart
Employee
What happens if you remove the monitor from the pool?
- Kevin_Stewart
Employee
From what I've read so far, it seems that the SSH client is supposed to perform this reverse lookup, and I've not seen any way to turn that off. Can you try adding the remote IP and server name to the local Hosts file?
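An added example, not part of the original thread or of any F5 tooling: a shell/awk filter that reads tcpdump text output in the format posted above, turns each PTR query name back into the address being looked up, and counts queries and NXDomain answers per address, so the lookups can be matched against the monitored pool members. The function names are hypothetical, and the sample lines beyond the two from the post (including 192.0.2.10 and host.example) are constructed.

```sh
#!/bin/sh
# Added example: per-address summary of reverse (PTR) lookups in tcpdump text output.

# Constructed sample: the first two lines are the ones posted in the thread,
# the rest (including 192.0.2.10 and host.example) are made up for the demo.
sample_capture() {
    cat <<'EOF'
19:30:20.411395 IP LTM.27488 > DNS-SERVER.53: 34032+ PTR? 245.237.22.172.in-addr.arpa. (45)
19:30:20.412532 IP DNS-SERVER.53 > LTM.27488: 34032 NXDomain 0/1/0 (122)
19:30:20.661201 IP LTM.27489 > DNS-SERVER.53: 34033+ PTR? 245.237.22.172.in-addr.arpa. (45)
19:30:20.662310 IP DNS-SERVER.53 > LTM.27489: 34033 NXDomain 0/1/0 (122)
19:30:20.910877 IP LTM.27490 > DNS-SERVER.53: 51200+ PTR? 10.2.0.192.in-addr.arpa. (41)
19:30:20.911902 IP DNS-SERVER.53 > LTM.27490: 51200 1/0/0 PTR host.example. (69)
EOF
}

# ptr_summary: reads tcpdump lines on stdin, prints "ADDRESS QUERIES NXDOMAIN".
ptr_summary() {
    awk '
    / PTR[?] / {                          # query: "<id>+ PTR? <name> (len)"
        for (i = 2; i < NF; i++) if ($i == "PTR?") { id = $(i-1); name = $(i+1) }
        if (name !~ /[.]in-addr[.]arpa[.]?$/) next   # IPv4 reverse names only
        sub(/[^0-9].*$/, "", id)          # drop flag characters such as "+"
        split(name, o, ".")               # octets are stored in reverse order
        ip = o[4] "." o[3] "." o[2] "." o[1]
        queries[ip]++
        pending[id] = ip                  # remember which address this id asked for
        next
    }
    / NXDomain/ {                         # response: "<id> NXDomain 0/1/0 (len)"
        for (i = 2; i <= NF; i++) if ($i ~ /^NXDomain/) id = $(i-1)
        sub(/[^0-9].*$/, "", id)
        if (id in pending) { nx[pending[id]]++; delete pending[id] }
    }
    END { for (ip in queries) printf "%s %d %d\n", ip, queries[ip], nx[ip] + 0 }
    ' | sort
}

sample_capture | ptr_summary
```

An address that shows many queries and an equal number of NXDomain answers has no PTR record, which is the case a local hosts entry for that address would cover.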